Total
711 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-0906 | 2 Php, Trustix | 2 Php, Secure Linux | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user, and (10) ibase_modify_user functions. NOTE: vector 6 might actually be an integer overflow (CVE-2007-1885). NOTE: as of 20070411, vector (3) might involve the imap_mail_compose function (CVE-2007-1825). | |||||
| CVE-2009-4018 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| The proc_open function in ext/standard/proc_open.c in PHP before 5.2.11 and 5.3.x before 5.3.1 does not enforce the (1) safe_mode_allowed_env_vars and (2) safe_mode_protected_env_vars directives, which allows context-dependent attackers to execute programs with an arbitrary environment via the env parameter, as demonstrated by a crafted value of the LD_LIBRARY_PATH environment variable. | |||||
| CVE-2007-1582 | 1 Php | 1 Php | 2025-04-09 | 6.8 MEDIUM | N/A |
| The resource system in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting certain functions in the GD (ext/gd) extension and unspecified other extensions via a userspace error handler, which can be used to destroy and modify internal resources. | |||||
| CVE-2007-1649 | 1 Php | 1 Php | 2025-04-09 | 7.8 HIGH | N/A |
| PHP 5.2.1 allows context-dependent attackers to read portions of heap memory by executing certain scripts with a serialized data input string beginning with S:, which does not properly track the number of input bytes being processed. | |||||
| CVE-2007-1710 | 1 Php | 1 Php | 2025-04-09 | 4.3 MEDIUM | N/A |
| The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a "php://../../" sequence. | |||||
| CVE-2009-1271 | 1 Php | 1 Php | 2025-04-09 | 5.0 MEDIUM | N/A |
| The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before 5.2.9 allows remote attackers to cause a denial of service (segmentation fault) via a malformed string to the json_decode API function. | |||||
| CVE-2006-4812 | 1 Php | 1 Php | 2025-04-09 | 10.0 HIGH | N/A |
| Integer overflow in PHP 5 up to 5.1.6 and 4 before 4.3.0 allows remote attackers to execute arbitrary code via an argument to the unserialize PHP function with a large value for the number of array elements, which triggers the overflow in the Zend Engine ecalloc function (Zend/zend_alloc.c). | |||||
| CVE-2008-5814 | 1 Php | 1 Php | 2025-04-09 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and earlier, when display_errors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is related to CVE-2006-0208. | |||||
| CVE-2007-1378 | 1 Php | 1 Php | 2025-04-09 | 5.1 MEDIUM | N/A |
| The ovrimos_longreadlen function in the Ovrimos extension for PHP before 4.4.5 allows context-dependent attackers to write to arbitrary memory locations via the result_id and length arguments. | |||||
| CVE-2007-4441 | 1 Php | 1 Php | 2025-04-09 | 4.6 MEDIUM | N/A |
| Buffer overflow in php_win32std.dll in the win32std extension for PHP 5.2.0 and earlier allows context-dependent attackers to execute arbitrary code via a long string in the filename argument to the win_browse_file function. | |||||
| CVE-2007-1475 | 1 Php | 1 Php | 2025-04-09 | 5.4 MEDIUM | N/A |
| Multiple buffer overflows in the (1) ibase_connect and (2) ibase_pconnect functions in the interbase extension in PHP 4.4.6 and earlier allow context-dependent attackers to execute arbitrary code via a long argument. | |||||
| CVE-2007-2844 | 1 Php | 1 Php | 2025-04-09 | 9.3 HIGH | N/A |
| PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access. | |||||
| CVE-2007-6039 | 1 Php | 1 Php | 2025-04-09 | 2.1 LOW | N/A |
| PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in (1) the domain parameter to the dgettext function, the message parameter to the (2) dcgettext or (3) gettext function, the msgid1 parameter to the (4) dngettext or (5) ngettext function, or (6) the classname parameter to the stream_wrapper_register function. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless this issue can be demonstrated for code execution. | |||||
| CVE-2009-4017 | 3 Apple, Debian, Php | 3 Mac Os X, Debian Linux, Php | 2025-04-09 | 5.0 MEDIUM | N/A |
| PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive. | |||||
| CVE-2008-5624 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| PHP 5 before 5.2.7 does not properly initialize the page_uid and page_gid global variables for use by the SAPI php_getuid function, which allows context-dependent attackers to bypass safe_mode restrictions via variable settings that are intended to be restricted to root, as demonstrated by a setting of /etc for the error_log variable. | |||||
| CVE-2007-1413 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| Buffer overflow in the snmpget function in the snmp extension in PHP 5.2.3 and earlier, including PHP 4.4.6 and probably other PHP 4 versions, allows context-dependent attackers to execute arbitrary code via a long value in the third argument (object id). | |||||
| CVE-2007-1824 | 1 Php | 1 Php | 2025-04-09 | 5.1 MEDIUM | N/A |
| Buffer overflow in the php_stream_filter_create function in PHP 5 before 5.2.1 allows remote attackers to cause a denial of service (application crash) via a php://filter/ URL that has a name ending in the '.' character. | |||||
| CVE-2008-2371 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2025-04-09 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches. | |||||
| CVE-2007-1709 | 1 Php | 1 Php | 2025-04-09 | 4.3 MEDIUM | N/A |
| Buffer overflow in the confirm_phpdoc_compiled function in the phpDOC extension (PECL phpDOC) in PHP 5.2.1 allows context-dependent attackers to execute arbitrary code via a long argument string. | |||||
| CVE-2007-1412 | 1 Php | 1 Php | 2025-04-09 | 7.8 HIGH | N/A |
| The cpdf_open function in the ClibPDF (cpdf) extension in PHP 4.4.6 allows context-dependent attackers to obtain sensitive information (script source code) via a long string in the second argument. | |||||